Improving Email at Cisco Part 1 – The IT Technology Side

Emails carry the risk of, very rarely, nasty virus payloads (or link you to sites that have worse)

Despite all this, I can’t live without email

I work at Cisco, where everyone relies on email. I get close to 200 emails every work day, and I gather that’s close to the average. But Cisco IT and I have an agreement: together we will try to reduce our shared email pain and improve our productivity. Notice that it takes both of us – both good IT technology and good employee practices to reduce the inevitable pain of email.

These two blogs will share six specific ways that Cisco IT and I have agreed to try to make life easier for everyone. This first blog focuses on two ways that IT technology help me, while the second blog focuses on four ways I can help reduce the pain of email for everyone else.

Email Pain Reduction Step 1: Taking out the Garbage

At home, despite spam filters on my person email system, I’d guess that about 70% of my email is some form of spam. At work, almost no spam gets through. Almost 2/3 of the email that gets sent to me from outside of Cisco doesn’t get forwarded on to me, and for that, I’m extremely grateful. Cisco IT supports the Email Security Appliance (ESA), which sits between the internet gateway and our Exchange mail server. (Cisco also sells Cloud Email Security, which is the same service in the cloud; but Cisco IT put ESA in before the web service was around… and once in, things are harder to change!)

Cisco gets an unbelievable 134 million emails per month, and the ESA, thankfully, blocks 86 million of these for a variety of reasons. About 94% of them are blocked because of the reputation of the sender; spammers develop a bad reputation quickly. Some (almost 6%) are blocked because of spam content. A few (0.7%) are blocked because the recipient email address was invalid. And a very few bud deadly 5,300 per month (0.01%) are blocked because they contain a virus or other malware. The following table shows data averaged over a 2 year period (Feb 2012-2014) at Cisco.

Email data averaged over a 2 year period (Feb 2012-2014) at Cisco.

Still, some spam gets through. I do get some legitimate marketing email – invitations to tech seminars or white papers – clearly marked [MARKETING] or occasionally marked [SUSPECTED SPAM]. ESA does that too, to about 20% of all the mail it lets through.

This table makes it look like the average Cisco employee only gets 17 emails per day delivered, which doesn’t match my experience of more than 200 per day. That’s because of two things:

I get most of my email from inside Cisco, which isn’t screened by ESA; and

Emails, both internal and external, usually have multiple recipients, and that creates a large multiplier effect

Email Pain Reduction Step 2: Keeping the Garbage Out

The emails that pass through may not carry malware, but they can still point you to tempting websites carrying hidden malware traps. Cisco IT has set up the Web Security Appliance (and is piloting the Cloud Web Security for our mobile smartphones and tablets), and you’d be surprised at the amount of trouble we’ve been spared.

Based on one week of WSA data I was able to get hold of, Cisco employees visit around 350 million websites per day and are blocked from about 2%: that is, blocked from 6.5 million visits per day. Of these sites blocked – and you get an ominous white page with some warning language coming up on your screen when you get blocked – the WSA blocks most of these sites (93.5%) based on their reputations, and another 4.5% based on some Cisco-chosen URLs. There’s also the 2% that are blocked because there was malware detected on the web stream headed toward Cisco machines.

Just to drill down for a moment on those 2% of sites blocked because of malware: in one typical day, WSA blocked:

441K sites – Trojan Horse

61K sites – Other Malware

29K sites – Encrypted Files (monitored, decrypted, and blocked)

16.4K sites – Adware Messages

1K sites– Trojan Downloaders

55 sites – Phishing URLs

22 sites – Commercial System Monitors

5 sites – Worms

3 sites – Dialers

Any one of these would have created a pretty ugly mess inside Cisco if it had made it onto someone’s machine.

Those are two areas where IT technology makes my life easier – cutting the number of emails I get by about 2/3, and pretty much dropping the number of dangerous emails, or dangerous websites my emails might send me to, down to zero.

But there’s a lot more I can do to make my own email experience, and everyone else’s better and more secure – some of it with a little help from Cisco IT. That’s for the next blog: Improving Email at Cisco Part 2 – The Employee Process Side.

We'd love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.